Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mealie mealie 0.5.5 vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2022-34623
Mealie1.0.0beta3 is vulnerable to user enumeration via timing response discrepancy between users and non-users when an invalid password message is displayed during an authentication attempt.
Mealie Mealie 0.5.5
Mealie Mealie 1.0.0
6.5
CVSSv3
CVE-2022-34621
Mealie 1.0.0beta3 exists to contain an Insecure Direct Object Reference (IDOR) vulnerability which allows malicious users to modify user passwords and other attributes via modification of the user_id parameter.
Mealie Mealie 0.5.5
Mealie Mealie 1.0.0
5.9
CVSSv3
CVE-2022-34624
Mealie1.0.0beta3 does not terminate download tokens after a user logs out, allowing malicious users to perform a man-in-the-middle attack via a crafted GET request.
Mealie Mealie 0.5.5
Mealie Mealie 1.0.0
9.8
CVSSv3
CVE-2022-34615
Mealie 1.0.0beta3 employs weak password requirements which allows malicious users to potentially gain unauthorized access to the application via brute-force attacks.
Mealie Mealie 0.5.5
Mealie Mealie 1.0.0
5.4
CVSSv3
CVE-2022-34619
A stored cross-site scripting (XSS) vulnerability in Mealie v0.5.5 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field.
Mealie Project Mealie 0.5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started